Are you using MacOS High Sierra? Anyone could log into your device

A professional wordsmith, Corina has improved her writing skills through extensive experiences in journalism, advertising and marketing. Curious by nature, she enjoys learning foreign languages and discovering everything, as well as everyone around her.

However, sometimes, these measures may not be enough. The latest version of MacOS High Sierra – 10.13.1 (17B48), released in September – has a flaw which allows people to enter the word “root” when prompted for a username, and provide no password when logging on to the device. Once someone logs in, they’ve essentially authenticated themselves as the owners of the computer. They can add administrators, change critical settings, lock out the current owner, and so on.

Bear in mind that there’s no need to do this yourself to verify it. Doing so creates a “root” account that others may be able to take advantage of if you don’t disable it.

The glitch grants anyone to access the file system for a Mac, exposing private documents on that particular device.

The bug appears to have been first noticed by Lemi Orhan Ergin, founder of Software Craftsman Turkey, who noted it publicly on Twitter.

Although Mac devices are generally regarded as extra secure and less prone to hacking and malware infections, this is a major and very dangerous flaw.

What is there to do?

Here is what Apple says:

“We are working on a software update to address this issue. In the meantime, setting a root password prevents unauthorized access to your Mac. To enable the Root User and set a password, please follow the instructions here: https://support.apple.com/en-us/HT204012. If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the ‘Change the root password’ section.”

So until this issue is solved, make sure to follow the above-mentioned instructions, so that your personal data don’t end up in the wrong hands.

Otherwise, leaving your device unattended is definitely not a good idea!

About the author

Corina Dobre

A professional wordsmith, Corina has improved her writing skills through extensive experiences in journalism, advertising and marketing. Curious by nature, she enjoys learning foreign languages and discovering everything, as well as everyone around her.

2 Comments

I like CyberGhost and that is why I want to alert you to the fact that when you try trial free version I can download your new one when I use another software as an anonymizer so Cyber Ghost will start a 7 day new time countdown and so abuse your patience to use your very good software I’ve tried it on my PC and it’s just that I do not belong to those people who abused the favor in their favor and I’m going to uninstall the newly downloaded CyberGhost, there’s no hacker
a normal internet user who gets nervous about watching some 3 pages, but on the other hand some programs are really expensive 🙂 thank you for replying because I’m really interested in it and I mean buying CyberGhost
health you Robo

Hey, Robo! Thank you for dropping by and for providing your feedback. But could you please be a bit clearer concerning the issue that you encountered, so that I can provide you with an appropriate answer? Does the 7-day trial restart itself on your PC, if you have another VPN running, is this what you are saying? Thank you in advance for clearing this up!